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1. Title of the Invention 

METHOD AND APPARATUS FOR PACKET FORWADTNG OYER NXSTS~1 SONET 

2. Detailed Description of the Invention 

This invention relates to a method and apparatus forsubdividing the physical 
ports of network access devices into virtual ports. 



A bridged ethernet network sometimes requires that a physical port be 
subdivided into virtual ports to allow peering with more bridging elements than the 
number of physical porta allows. Currently, ATM VPs/VCs and Frame Relay paths 
are used in the communications industry to establish such virtual ports. However, 
for very high bandwidths these technologies are not suitable due to both technical 
reasons and their high cost. On the other hand SONET/SDH devices can easily 
scaie to very high bandwidths. and are widespread in metropolitan and wide area 
networks: (MAN/WAN). 

There is a need, therefore, for means to economically and effectively bridge 
network access devices transporting optical line data, such as from a fiber channel 
(FC) or Gigabit Ethernet (GbE) Interface, lo a SONET metropolitan area network 
(MAN)/ wide area network (WAN). 



In accordance with the present invention there is provided a method and 
apparatus for intelligent packet forwarding utilizing virtual ports defined by a 
grouping of one or more ST3-1s allocated to source and destination I/O devices 
(client) connected to an N x STS-1 SONET network. A data flow path for 
transporting the client data is established from one virtual pert at the source port 
to another virtual port at the destination port. The data flow path is established by 
notifying each of the ports of the data flow path and providing to the source port 



1 



(9) #M 2002-208950 

sn address identifying the destination port and providing to the destination port an 
address identifying the source port. 

The invention will now be described in detail with reference to the following 
drawings in which like reference numerals refer to iike elements throughout. 

3. Brief Description of the Drawings 

Figure 1 (a) is a schematic block diagram of a metro/wide area data transport 
network illustrating, by the virtual paths S, the functionality of the method and 
apparatus of the present invention which is comprised within network access 
devices {NADs) and Figure 1(b) is a schematic illustration of the virtual ports 
provided by a physical port 1 of the network access device NAD'i ; 

Figure 2 is a functional block diagram of an end-to-end link of a the data 
transport network of Figure 1 showing the components of the transmit side of a 
network access device, for transporting data from a transmit (Tx) node of the 
network, and the components of the receive side of another network access device, 
for receiving data at a receive (Rx) node of the network; and, 

Figures 3 (a), (b) and (c) are tables which illustrate a set of MAC/IP 
addresses identifying I/O devices (a), a set of addresses for the particu'ar 
destination I/O devices of the example (b> and a set of exemplary rules (for which 
the MAC address is chosen for use rather than the IP address) for the forwarding 
of data output by network access device NAD1 shown in Figure 1 (c), all for the 
particular circumstances of the example chosen in which NAD 1 is sending dsta 
from an ethemet link. 



Figure 1 of the drawings is a schematic block diagram illustrating an 
exemplary data transport network 150 for transporting optical serial data output 
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from one I/O device 100 for transport through the network 150 to another UO 
device 1 00, Through a high speed optical point-to-point link 110 a network access 
device (NAD) 200 Interfaces each I/O device 100 to the network 150 and 
multiplexes the optical serial frame data signal into an optical SONET frame signal 
in a manner which controls the flow of the data and flexibly allocates STS-1 s (i.e. 
bandwidth) to each of the input I/O devices 100 interfaced to the NAD. At the 
receive end of the data transport another NAD 200 receives the transported 
SONET format data from the metro/wide area link 150 and demultiplexes and 
outputs the data onto another high speed optical point-to-point link 110 for 
transport to the other I/O device 100. The optical serial links 1 TO, 1 10a could be 
ah'-mct (e.g. 10 Mbps, 100 Mbps or 10Gbps ) or Fiber Channel (FC) and the 
metro/wide area fiber link 120 could be any of a dedicated fiber, dark fiber or WDM 
(Wavelength Division Multiplexed) fiber to provide a clear channel. 

Figure 2 is a functional block diagram of an end-to-end link of the data 
transport network 150 showing the functional blocks thereof for transporting data 
from a transmit (Tx) node to a receive (Rx) node of the network including the 
mapper/aggregator 10 and demapper/deaggregator 80 which provide the 
multiplexer/demultiplexer functions of the NAD 200. In this figure the network 
components of the transmit (Tx) and receive (Rx) nodes provided by two NADs. 
servicing clients (i.e. I/O devices) 20 ij( are shown. 

The multiplexer/demultiplexer components of the NAD 200 are described in 
greater detail in an application filed herewith and owned by same assignee as this 
application, which is incorporated herein by reference. At the transmit node the 
mapper/aggregator 10 performs two related functions which combine to perform 
flexible time-division multiplexing (based on the SONET standard) 1o transport the 
data. First, a mapper maps the client data into a SONET payload whereby STS-1's 
are allocated to a particular client 20; based on a bandwidth allocation configuration 
provided to it. Since each STS-1 represents a fixed amount of bandwidth the 
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mjmrje r of STS-1 's assigned to a client determines how much bandwicth is 
allocated to that client. Advantageously, the assignment of bandwidth lo each 
cl ent is flexible m that it can be assigned and changed based on any number of 
determinants (control parameters) set by a user, a network operator, an applicat on 
ar.d/or network conditions such as traffic, time of day, etc Second, an aggregate 
aggretates (i.e. combines) the client STS-1's into a composite STS pay oad (e.g. 
STS-48 or STS-192), The aggregate data stream is ther- fed into a standard 
SONET transmit framer 30 to insert section/iine/path overhead irfor.-iation (data) 
and create a proper SONET frame. The parallel output from the framer 30 is then 
senaiized anc converted to an optical signal by a serializer/E-0 converter 40 for 
transmission over an optical channel 50 of the metro/wide area link 1 5D. 

At th« receive node the received optical signai ;s converter back to an 
electrical signal and to parallel format by an O-E/deserializer converter 60 and then 
fed into a SONET receive framer 70 where the section/line/path overhead data is 
extracled and p-ocessed. The resulting data stream is passed into a ce- 
aggregator/de-mapper 80 which performs the inverse function of the 
rnapper/agcrecatcr 10. The deaggregator receives the compos te STS-48 payioad 
from the SONET framer and, based upon an assigned local bandwidth allocation 
configuration input thereto, it then separates the composite STS stream into STS- 
1's according to the client 20; they are assigned to. The demapper then takes the 
STS-1's assigned to a particular client 20, and extracts the client data from them. 

The mapper/aggregator 10 and de-aggregator/de-mapper 80 each use a 
configuration memory to assign/map each STS-1 to a particular client For any 
particular assignment of bandwidth (STS-1 s) a client can be assigned any number 
(n) of STS-1 s -'rem n=0 to n=N, where N is the total number of STS-1 s of the 
channe ( e.g. 48 if an OC-48 channel is used). Network management so'tware (a 
network controller) may provides the transmit (Tx) and receive (Rx) nodes with the 



4 



(12) #M 2002-208950 

bandwidth allocation map which assigns STS-i's to the particular clients 20 t , 20, 



In accordance with the present invention fields from layer 2 or layer 3 (or any 
layer above layer 1 ) are used to direct data traffic between virtual ports created on 
the basis of groupings of STS-1s of the physical ports of the NAD, As illustrated 
by Figure 1(b) the physical ports of an NAD 200 are subdivided into virtual ports 
made up of Ihe groups of STS-1 s allocated to a particular client. Each group of 
STS-1 s are treated as a separate (distinct) traffic stream and are independently 
routed over the network 150 to their own destination. In the example shown by 
Figure 1 (b) the network access device NAD 1 has three physical ports 110 and the 
first port 145 comprises two virtual ports 1A and 1B each comprising the number 
of STS-1 s which are allocated to the particular I/O devices whose data is carried 
by those STS-1 groups Knowledge of the layer addressing {e.g. for layer 2 in an 
ethernet link this would be MAC addressing) at each end of the flow path (S) for a 
given STS-1 group is used to define a bridge between those end points (referred 
to herein as a "virtual bridge"). Advantageously, this functionality collectively 
provides flexible bridging over the entire network. 

The tables of Figure 3 illustrate a set of exemplary rules applied within the 
network for the forwarding of data output by a first physical port 1 45 of the network 
access device NAD 1 to each of network access devices NAD2 and NAD3. For this 
example ethernet data is assumed and the field used for the addressing of the 
ends of S-paths is the layer 2 MAC address (although the IP address: could 
alternatively be used). A virtual port 1A is defined by a group of client allocated 
STS-1 s whose destination is an I/O device 100 fed by NAD2 and another virtual 
port 1 B is defined by a different group of client allocated STS-1 s whose destination 
is another i/O device 100 fed by NADS. In the example shown in Figures 1 and 3 
the destination I/O device Interfaced to NAD2 is a router R2 and the destination I/O 
device interfaced to NAD3 is another router R3. For illustration purposes in Figure 
3 the MAC address (layer 2) for R2 is designated M2 and the MAC address for R3 
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is designated M3, (The IP address for M designated as IP2 and the IP address 
for R3 designated as IP3 are also illustrated tq indicate thai layer 3 addresses can 
instead be used.) 



For tills example a given set of rules is applied within the network th order 
to transport the data defined by virtual port 1A to R2 and the data defined by virtual 
port 1B to R3 and these are shown by the table (r.) of Figure 3. As illustrated the 
MAC address assigned to the destination I/O device is used to direct the flow of 
each virtual port. 



For purposes of illustrating the routing method of the invention, using an example, 
the following selected definitions are used: 



(a) The group of STS-1s that are treated as a single pipe and routed through 
the core network together are referred to as an s-path, 

(b) The MAC addresses of three I/O devices (1/01, I/02 and I/03] on the 
network are referenced MA1, MA2 and MA3, 

(c) The three I/O devices are on three different NADs. 1/01 is on NAD1 ,1/02 is 
on N ADZ and I/O 3 is on NAD 3, 

(d) There are three different s-path groups to be routed and each s-path 
represents a traffic flow between two I/O devices. Si -2 represents and 
carries the traffic flow between the 1/01 and I/02. S1-3 represents; and 
carries the traffic flow between 1/01 and I/03. S2-3 represents and carries 
the traffic flow between I/02 and I/03. 



For a user to establish a connection through the network between 1/01 and I/02, 
the s-path S1-2 must be created. At this point, both NAD1 and NAD2 must be 
made aware of S 1-2 and also the MAC addresses at the ends of the s-path. This 
s-path to MAC acJdressment assignment may be established by the network 
management system (NMS) as follows: 
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1. The NMS is informed by the user that 1/01 (through it's MAC address MAI) 
is attached to NAD1 and that S/02 is attached through NAD2. 

2. When the s-path S1-2 between 1701 and I/02 is created, the NMS informs 
NAD1 thai MA2 is at the end of S1 -2 and the NMS informs NAD2 that MA1 
is at the end of S 1-2. 

Alternatively, instead of using the NMS to establish the MAC to s-path assignment, 
a user can do so directly as follows: 

1 The user informs NAD1 directly that a news-path S 1-2 exists in the network. 

2. The user informs NAD1 that MA2 is at the end of S 1-2, 

3. The user informs NAD2 directly that a new s-path S1-2 exists in the network. 

4. The user informs NAD2 that MA 1 is at the end of Si -2. 

It is to be noted thai multiple I/O devices may be connected to a single NAD. 
In all of the above s-path and MAC address assignments, the I/O device and it's 
MAC address are associated with a port on the NAD and not the entire NAD. 

Various means may be used by the NMS/userto inform the I/O devices and 
NADs associated therewith of the created S-paths and MAC addresses at the end s 
thereof. This information can bet provided either in-band (i.e. within the SONET 
payload/overhead) or out-of-band (i.e. carried to the NADs via an externa! network). 

The network 150 provides an appearance of a distributed L2 switch. As 
there is a potential for only a partial mesh of STS-1 flows only certain I/O device 
ports will be connectable (e.g. if an STS-1 flow does not exist between a first and 
second I/O device port those ports cannot be connected). In such case the data 
traffic going from a first I/O device port to a second I/O device port must be routed 
via another I/O port which does have an STS-1 flow to the second I/O device port 
and calculation of such extended route is accomplished automatically by supported 
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routing protocols. Also, as the MAC address to NAD port assignment is done 
manually, this method is inherently secure, making if difficult for third-parties io 
"break into" or "spoof a private network created through a group of s-paths. 



Advantageously, the foregoing method of assigning a group of STS-ls to a 
given flow of ethemet frames guarantees that GoS automatical.'-/ results. As such 
the IT network is able to implement a form of traffic guarantee with non-QoS-aware 
ethernet/iP switches such that a core is implemented with no contention for 
bandwidth. 

The individual electronic and processing functions utilised in the foregoing 
described preferred embodiment are, individually, well understood by those skilled 
in the art. It is to be understood by the reader that a variety of other 
implementations may be devised by skilled persons for substitution. Persons 
skilled in the field of communication design will be readily able to apply the present 
invention to an appropriate implementation method for a given application, 

Consequently, il is to be understood that the particular embodiment shown 
and described herein by way of illustration is not intended lo limit the scope of the 
Invention claimed by the inventors which is defined by the appended claims. 
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1 . A method for packet forwarding over an N x STS-1 SON ET network from a 
source port to a destination port client data occupying a group of one or more STS- 
1s at said source port, said method comprising establishing a data flow path 
defined by said STS-1 s from said source port to said destination port defined by 
said STS-1 s. 

2. A method according to claim i comprising notifying each of said ports of 
said data flow path, providing to said source port an address identifying said 
destination port and providing to .said destination port an address identifying said 
source port. 

3. Apparatus for packet forwarding over an N x STS-1 SONET network from 
a source port to a destination port client data occupying a group of one or more 
STS-1 s at said source port, said apparatus comprising; 

(a) a path identifier for identifying a data flow path comprising said STS-1 r, 
and extending from said Source port to said destination port and notifying each of 
said ports of said data flow path: and, 

(b) an address identifier for identifying and providing to said source port 
an address identifying said destination port and for identifying and providing to said 
destination port an address identifying said source port. 
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1. Abstract 

A method and apparatus for intelligent packet forwarding utilizing virtual 
ports defined by a grouping of one or more STS-1s allocated to source and 
destination I/O devices (client) connected to an N x STS-1 SONET network. A 
data flow path for transporting the client data is established from one virtual port 
at the source port to another virtual port at the destination port. The data How path 
is established by notifying each of the ports of the data flow path and providing to 
the source port an address identifying the destination port and providing to the 
destination port an address identifying the source port. 



2. Representat ive Drawing 
Figure 1 



